Monthly Archives: May 2011

In the wake of World War II, the United States was overwhelmingly the most dominant world power, establishing international institutions that favored its preferred world order characterized by a system of coherent states. And in this context, America proceeded to assume the role of policeman of the “Free World”. Even in the face of the gathering storm of the international Soviet and a defiant China, the United States effectively ruled the world, in the limited way that yesteryear’s technology and adolescent industrial capitalism enabled. But, that world has changed, with America enjoying less and less control of the international system that it helped establish. As a result, the American international affairs community has spent much of the past two decades exploring their collective existential ennui inspired by this seeming decline. As a result, they have been tilting at windmills, on a quest to determine how America can re-achieve its onetime uncontested glory.

Viewed through a mid-century American lens, the disarray into which the international system has fallen is inexplicable. It has come to pass that, as the Parag Khanna has observed, “No one is waiting for permission from Washington to make deals with whomever it wants.” The world has seemingly fallen into something most similar to the Middle Ages, “with Asian empires, Western militaries, Middle Eastern sheikhdoms, magnetic city-states, wealthy multinational corporations, elite clans, religious zealots, tribal hordes, and potent media seething in an ever more unpredictable and dangerous storm.” Clearly the time has come for the American international affairs community to cease their longing for a bygone Pax Americana. The time for hand wringing is now over. Not just Americans, but the entire global community, is yearning for a new framework for thinking about how to run the world, now that no one nation can possibly rule it.

Luckily, Khanna has not just written a book of keen observations, but has offered some strategies that we should all heed. And, while his bookHow to Run the World: Charting a Course to the Next Renaissance, strays far from the Washington Consensus, his counsel offers a path forward to a far better moment in human history, which the American international affairs community should yearn to enable. His metaphor is compelling. The world has once evolved from the Middle Ages to the Renaissance, and as is frequently observed, history has a way of repeating itself. If the right strategies are deployed by the right players, such a transformation should indeed by achievable.

But what are those strategies? And who are the players?

Firstly, as Khanna points out “Our maps of the world no longer reflect reality on the ground.” Perhaps he is being generous, in that many of these borders never had any real basis in reality, only reflecting the gross ignorance of the power elites around the table at the time. To build and revere an international order built around such a suspension of disbelief is hard to defend. Still, few in the American international affairs community ever speak about the fundamental need to recarve up the world map, providing states to a much broader array of currently stateless nations.

To do this, and most everything else in his recipe book, Khanna suggests that America and the other principal stake holders in the current system should shy away from defending the “grand toothless global architecture” that has evolved, and rather should encourage regional responsibility. The myth of a global system of coherent states must give way to an understanding of the diversity of institutional actors at play in this new Middle Ages, and the far flung, yet networked “islands of governance” that actually constitute the international system. America should deploy all of its experience, capability, know-how, and remaining goodwill to help these regional collections of islands to organize effective and resilient regional organizations for security, and ultimately much more. After all, as Khanna points out, today “”Where regional security organizations are strong, there is order; where they are weak, there is chaos”. And the chaos has been very bad for America and Americans.

Surely many in the American security establishment are loath to delegate primary responsibility for strategic matters (such as borders) to regional bodies, but our track record in regions where we lack such regional organizations (such as the Middle East and South Asia) are miserably bad. Too many Americans feel far more comfortable with a government that engages in the kind of “great power clientelism” that has a proven track record of institutionalizing instability around the world. But this American impulse is anachronistic, and is a major source of America’s diminished influence in the international system – not to mention the emasculation of the international institutions that America formed in the first place. Accepting and robustly supporting regional institutions must become the new American way.

Lastly, Khanna paints an exciting picture about how a global community of actors far afield of the “stiff walz” of bureaucratic, interstate diplomacy can each make important contributions to the new global order, and help run the world. Indeed, contributions that no state is capable of making. “Mega-diplomacy” is a term he coins (a rhetorical hyperbole which grows on you as you read) to describe the “jazzy dance among coalitions of ministries, companies, churches, foundations, universities, activists, and other willful, enterprising individuals who cooperate to achieve specific goals” across the globe.

In the end, Khanna’s message is one of empowerment. You don’t need to be a member of our anemic (though admirable and able) foreign service (only 5000 strong) to have an impact on the world stage. You can help run the world in this new age, and help steer it to a new Renaissance. Anyone with a vision, high-leverage idea, and an entrepreneurial spirit can reshape the world. Khanna marshals far too many examples of people and organizations that are doing it, despite the system, for one to dismiss his concept of mega-diplomacy. If the guardians of these “islands of governance” (yes, the United States is one of the larger islands of governance) refuse to open their doors and minds to leverage the energy and momentum being generated by these “new diplomats”, then they will simply become less and less relevant.

If you do not aspire to be an independent (though patriotically American) diplomat engaged in mega-diplomacy, that’s ok too. You can still demand of your government that it enable their success. Demand the establishment or regional security organizations, and no more unwieldy and condescending American-led global architectures which are untenable in today’s world. Demand the end to the cartographic fictions over which transnational flows of peoples, goods, weapons, diseases, conflicts and natural disasters flow freely. And require that they guide these regional security organizations to undertake a shock therapy of state re-carving that enables the currently abandoned nations of the world to become self-governing and prosperous.

America’s international authority and legitimacy over the long haul depends upon the alignment of the interests that we pursue with the principles that we hold dear. America’s national security politics and institutions has demonstrated a tendency toward the mis-alignment of interests and principles, diminishing our place in the world order, and undermining the world order that America established at the close of WWII. But, this imbalance can be corrected both within and beyond government.

As an American, you can demand that your leaders instigate the structural changes that enable all of us to ply our trade as the new breed of diplomats that Khanna so eloquently and passionately describes, and practice the principles of mega-diplomacy. As Khanna observes, the global responses to many recent crises and challenges have shown that “The greatness of America lies in the talent, depth, wealth, and generosity of its citizenry” – not just in America’s public institutions, and the sclerotic political cultural that too often diminish their contributions to the global order.

“How to Run the World” is the right question for tackling today’s transnational challenges. The days of ruling the world are over. Parag Khanna gets it right.

Parag Khanna’s “How to Run the World: Charting a Course to the Next Renaissance” is released January 11th, and is available forpre-order from Amazon. The book launch will take place at the New America Foundation on January 12th, witha book talk at Politics and Prosethat evening.

The application of cross-domain security technologies to the world of GEOINT is not new. High-priority missions, innovative system designers and forward-leaning security officials have from time to time created the opportunity to apply these specialized and highly restricted technologies to the flow of particular kinds of data between particular networks for particular purposes.

For far too long, however, information sharing in this manner was considered an exception, not a rule. As such, this class of technologies was thought of, and even engineered, as point solutions without broader and more extensible application.

Those days must now come to an end. It is time for the era of cross-domain GEOINT to begin.

Achieving geospatial situational awareness across the extended national security community demands that data from many networks of differing classifications comes together seamlessly. While the average citizen assumes that such seamless geospatial situational awareness is provided to national security leaders, military commanders, operators and analysts as a matter of course, everyone in the business understands that this is simply not the case.

In the face of a host of commercially available cross-domain technologies, the establishment of the Unified Cross Domain Management Office (UCDMO), and executive orders that give the highest priority to solutions that will allow for the ability to share national security information, the lack of cross-domain security has led the level of geospatial situational awareness to be inexcusably thin. As GEOINT matures as a discipline and cross-cutting framework for intelligence and national security integration, it is time for it to become inherently cross-domain.

The Goal

The president of the United States should be able to draw a bounding box on a map, declare a slice of time, and discover, browse, access and exploit everything that the extended national security enterprise knows about a topic of interest over that location, at that moment in time. The president should be able to do this, at the click of a button, despite the fact that the source data resides on servers hidden behind a blinding array of unconnected/ balkanized networks of different classifications.

While the commander in chief has many other demands on his time, it should be possible when crises hit to demand instantaneous access to everything on the situation room map. Sadly, he and his staff cannot—and it’s not even close. Perhaps worse, the president’s national security team, military commanders, warfighters/operators and intelligence analysts suffer from the same challenge.

Technology, Law, Policy and Culture

Many in Washington love to explain how the problems we experience with information sharing are due not to a lack of technology, but rather to culturally induced legal and policy limitations. It is said that since various agencies and their personnel are rewarded for hoarding information and breaking new intelligence, there is no incentive to reform the micro- and macro-level legal and policy frameworks that could improve information sharing, and in the world of GEOINT, geospatial situational awareness.

For the past decade or more, those voicing this worldview have often paid short shrift to the major technology challenges that have plagued the sharing of information across security domains. Point solutions have wrongly been touted as being wildly extensible to every possible cross-domain challenge. Innovation in the field has too often been neglected, and it certainly has not been the focus of widespread acquisition.

Despite this lack of attention to the technology challenges, a new class of cross-domain solutions has emerged that makes it possible to deploy bi-directional ICD 503 PL4/PL5 cross-domain solutions that are agnostic as to the data source, and capable of real-time streams of big data. That is, despite the system, technology pioneers have succeeded at rendering the technology issues moot. It is now time for leaders to demand the enterprise-wide adoption of their innovations.

Paralysis by Jargon

One of the reasons for the slow adoption of cross-domain security solutions across the National System for GEOINT, and the national security community more broadly, has been the arcane technical and policy jargon one must master for the successful deployment of these solutions. In the course of crossing security domains, it is not enough just to master the nuances of Director of Central Intelligence Directive 6/3-DCID 6/3 PL4/PL5 (or is it now Intelligence Community Directive 503 PL4/PL5?) documentation, configuration and mitigations.

You also master the DoD Information Technology Security Certification and Accreditation Process/DoD Information Assurance Certification and Accreditation Process criteria; DoD Intelligence Information System accreditation process support and documentation; DoD Directive 8570.1 compliant training and support; and Secret and Below Interoperability and Top Secret and Below Interoperability, as well as the current state of thinking at any moment in time within the UCDMO.

Even worse, one must master the distinctions between Multiple Independent Levels of Security (MILS), Multiple Levels of Security (MLS) for the purposes of data access, and MLS for the purposes of transfer.

Each has been a valuable step in the evolution of information sharing. MILS desktops have enabled organizations and users to conserve on the hardware required to access data on different networks, with a MILS workstation that could be rebooted to access networks of different classifications. MLS desktops have enabled users to have views into data (“access”) from different security domains on the same desktop at the same time, requiring no reboot or switching.

Even so, neither technology path enables the necessary transfer of data across security domains in order to enable actual processing and exploitation. What is missing in the MLS desktop is the ability to transfer information, data and images from one application/security level to another (“transfer”).

Now that analysts are experiencing the benefits of access, their desire to transfer has become manifest. And, when operators and analysts discover that they can see and think in MLS, they immediately want to transfer in MLS. But this requires an enterprise that is cross domain at its very core.

An implementer not only must understand these disparate languages, but also must master the complex kabuki dance of dealing with multiple accrediting authorities, each with a different jargon and process. This even holds true when the domains being crossed are unclassified in nature (for example, NIPRnet to the World Wide Web), as everything is considered a “national security system,” leading to costly and crippling processes. For many years, it has been unrealistic to think that any such cross-domain solution could be deployed generically across the enterprise when plagued by all of this technical and policy jargon.

Point to Point Misses the Point

While the executive orders demanding information sharing are clear in their mandate, the difficulties of achieving a multilevel secure enterprise that provides near-ubiquitous access and is operationally seamless to the user between disparate environments are significantly more complex than current point-to-point cross-domain security solutions can handle. The history of ICD 503 PL4 and PL5 controlled interfaces is not one of agility.

Historically, such controlled interfaces have been designed as single purpose devices deployed to secure the flow of particular data types for a single application between particular networks, and so have not been engineered to support the dynamism required by today’s time-dominant information sharing challenges. There are presently commercially available controlled interfaces, however, that can be used as the keystone of an agile enterprise security infrastructure deployed on elastic cloud computing infrastructures.

It will not be enough to simply use more of the point-to-point PL4 and PL5 cross-domain solutions that we have used in the past. We must move to a new generation of cross-domain controlled interfaces, and the architectural concepts that underpin the future agile enterprise.

Enabled in All Directions

In order to achieve an agile enterprise, cross-domain data flows have to be enabled in every direction. It must be possible for applications/users on a high-side network to transparently request data from a low-side resource (reach down). It must be possible for an application/user on a high-side network to transact data from the high-side via a low-side web service into a low-side database (transact down).

It also must be possible for applications/users on a low-side network to request data via a low-side web service into a high-side, label-aware database (reach up), and for client applications/users on a low-side network to transact data via a low-side web service into a high-side, label-aware database (transact up).

Obviously, only data of the appropriate classification should be able to move in any of these directions. In addition, no data spillage downward or insertion of malicious code upwards can be tolerated. Particularly since Army Private First Class Bradley Manning’s alleged disclosure of classified data to WikiLeaks, it is critical that data be label secured, and that such PL5 controlled interfaces be in place as gateways to any data movement. Cross-domain controlled interfaces should be considered a key part of the strategy for mitigating the “Manning effect,” rather than an enabler for future intentional or unintentional spills/leaks.

Legitimate, high-mission-value GEOINT workflows demand that each of these flows be enabled at the core of the enterprise. At the most basic level, data would ideally exist only once across the enterprise—albeit with appropriate redundancy—on the network of the data’s classification, and accessible to all users on higher classification networks.

Analysts need to be able to dynamically and seamlessly bring low-side, time-dominant GEOINT resources into their high-side exploitation environments. Operators need to be able to dynamically and seamlessly release appropriately classified data resources from high-side environments to low-side users when crises occur.

In the case that data of different classifications reside in high-side repositories, there will be occasions when operators without clearances require the ability to reach up into that repository and access the data appropriate to their needs. Operators with no clearances, or operating from exposed environments, also must be able to contribute data into high-side exploitation environments by transacting data upward.

What is needed is to deploy an agile enterprise cross-domain architecture that can flexibly enable any such flow without developing an entirely new System Security Plan and the continual deployment of additional engineering resources. The GEOINT enterprise must be cross-domain down to its very core.